Always-Incorrect Control Flow Implementation Affecting directus package, versions <10.8.3
Threat Intelligence
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-JS-DIRECTUS-6356275
- published 3 Mar 2024
- disclosed 1 Mar 2024
- credit Julian Hector
Introduced: 1 Mar 2024
CVE-2024-27295 Open this link in a new tabHow to fix?
Upgrade directus
to version 10.8.3 or higher.
Overview
directus is a Directus is a real-time API and App dashboard for managing SQL database content.
Affected versions of this package are vulnerable to Always-Incorrect Control Flow Implementation due to the password reset mechanism implementation combined with default database configurations in MySQL and MariaDB. This allows attackers in possession of a known good email address to redirect a password reset email intended for a victim by registering a similar email address with alternative characters that are considered equivalent to the same ones as characters in the stored email address, by the database engine. The API uses the supplied email address for sending the reset password mail instead of the email address from the database.